8ca9be44be828c68c6ce0406ee5df03c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ca9be44be828c68c6ce0406ee5df03c
Size

37KB
MD5

8ca9be44be828c68c6ce0406ee5df03c
SHA1

dcea9e24035fad703239db3beb1ff29a13fe14ed
SHA256

01a668096219790e48caf97bfe5ab06ad241dc7e81906aa0e086974d587d3364
SHA512

2cd38e95f28ee74c8128d56abfd186e1e67989e5e352e932169f9223ce87f25ab94e03630791c03b4102e2140fc50055b0b6e0db34e441518915cf301f9df655
SSDEEP

768:/dchRaYEUxZB3emrFTl0AYr9qlMgBS22K0k3sUwGW:/dcn3/9jJ+I12Kp3DdW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ca9be44be828c68c6ce0406ee5df03c

Files

8ca9be44be828c68c6ce0406ee5df03c
.dll windows:4 windows x86 arch:x86

c740c0ca0b62dfb93075d5ab5bfc40d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualQueryEx
GetCommandLineA
GlobalAlloc
WideCharToMultiByte
VirtualFreeEx
CreateEventA
GetFileAttributesW
lstrcatA
MultiByteToWideChar
ReleaseSemaphore
GetTempPathW
GetProcAddress
GlobalFree
LoadLibraryA
GetModuleHandleA
lstrcatW
CloseHandle
GetCurrentProcessId
UnregisterWaitEx
lstrcpynA
lstrcpyW
DeleteFileA
lstrcpyA
ReadFile
WriteFile
RtlUnwind
CompareStringA
CreateToolhelp32Snapshot
Process32First
SetFilePointer
lstrcmpA
ResumeThread
CreateFileA

user32

DestroyWindow
GetWindowRect
GetFocus
GetGuiResources
wsprintfA
GetClientRect
SendMessageA
RegisterWindowMessageA
wsprintfW
SetWindowLongA
GetWindowLongA
CreateWindowExA
GetDlgItem
ShowWindow
CreateWindowExW
IsWindowVisible
SetWindowTextA
EnableWindow
CallWindowProcA
SetDlgItemTextA
MessageBoxA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Exports

Exports

abcd
efgh
ijkl

Sections

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ